<?php
    @session_start();
    require_once 'shared-functions.php';
    require_once 'session.php';
    require_once 'masterpage.php';
    
	
	
	
    if(!IsValidSession())
    {
        header('Location: login.php?page=manage-assignments');
        exit();
    }
    else
    {
    	RefreshSession();
    }
	
	if(!isset($_POST['CourseInstance']))
	{
		header('Location: course-selector.php?page=manage-assignments&filter=teacher');
		exit();
	}
	

	$user = GetCurrentUserAccessLevel();
	
    //Check user access
    if($user != $TEACHER && $user != $DIRECTOR && $user != $ADMIN && $user != $REGISTRAR)
    {
        header('Location: login.php?page=manage-assignments&error=Insufficient privileges to access to the manage assignments page&logout=1');
		exit();
    }

	$link = connect_db();
	if($user == $TEACHER)
	{
		//query to get this courses instructor and check it against GetSessionUser()
		$query = "SELECT * FROM `CourseInstance` WHERE `InstructorID`='" . GetSessionUser() . "' AND `InstanceID`='" . $_POST['CourseInstance'] . "'";
		$result = mysql_query($query, $link);
		if(mysql_num_rows($result) <= 0) {
			header('Location: login.php?page=manage-assignments&error=Course not in teachers assigned courses&logout=1');
			exit();
		}
	}

    masterpage("Manage Assignments");
	
	
	
	

    $filter = "";
	if(GetCurrentUserAccessLevel() == $TEACHER)
    {
        $filter = "&filter=teacher";
    }
    echo '<a href="course-selector.php?page=manage-assignments'.$filter.'">&lt;&lt; Back to Course Selector</a><p />';
	
	
	// This is a print button for if anyone ever adds printing through print-assignements.php
	//echo '<p></p>';
	//echo '<form action="print-assignments.php" method="post" target="_blank">';
	//echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
	//echo '<input type="hidden" name="ItemID" value="' . $_POST['ItemID'] . '"/>';
	//echo '<input type="submit" value="Print Course Grades" />';
	//echo '</form>';
	//echo '<p></p>';
	
	
	
	// The following is the assignment selection section, along with the add new assignments button
	$query = "SELECT `ItemID`, `ItemName`, `ItemDescription`, `MaxPoints`, `Weight` FROM `CourseWork` WHERE `CourseInstance`='" . $_POST['CourseInstance'] . "'";
    $courses = mysql_query($query, $link);
    if(!$courses) {
        echo "Oops...something went wrong. Please contact support.";
        exit();
    }
	
	echo '<table class="DataList" width="30%"><thead><tr><th class="header">Assignments</th></tr></thead><tbody><tr><td class="rows">';
	
	echo '<form action="manage-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '" />';
	echo '<select name="ItemID" size="5" style="width:100%;" onchange="this.form.submit()">';
	while($tblrow = mysql_fetch_array($courses, MYSQL_BOTH)) {
		echo '<option value="' . $tblrow['ItemID'] . '"';
		
		if($_POST['ItemID'] == $tblrow['ItemID']) {
			$ItemDescription = $tblrow['ItemDescription'];
			$MaxPoints = $tblrow['MaxPoints'];
			$Weight = $tblrow['Weight'];
			
			echo ' selected="selected"';
		}
		
		echo '>' . $tblrow['ItemName'] . '</option>';
	}
	echo '</select>';
	echo '<input type="submit" value="Select" style="visibility:hidden;" />';
	echo '</form>';
	
	echo '<form action="add-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
	echo '<input type="submit" value="Add New Assignment" />';
	echo '</form>';
	
	echo '</td></tr></tbody></table>';
	


	
	
	echo '<p></p>';
	
	
	

	// The following is the assignment information, including an edit button
	if(!isset($_POST['ItemID'])) {
		endmasterpage();
		exit();
	}
	
	echo '<table class="DataList" width="90%">';
	echo '<thead><tr><th class="header">Description</th><th class="header">Max Points</th><th class="header">Weight</th><th class="header"></th class="header"></tr></thead>';
	echo '<tbody><tr>';
	echo '<td class="rows">' . $ItemDescription . '</td>';
	echo '<td class="rows">' . $MaxPoints . '</td>';
	echo '<td class="rows">' . $Weight . '</td>';
		
	echo '<td class="rows">';
	echo '<form action="edit-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
	echo '<input type="hidden" name="ItemID" value="' . $_POST['ItemID'] . '"/>';
	echo '<input type="submit" value="Edit" />';
	echo '</form>';
	echo '</td>';
	
	echo '</tbody></tr>';
	echo '</table>';
	
	
	
	
	
	echo '<p></p>';
	
	
	
	
	// The remainder of this page focuses on the list of student grades for the assignment
	
	// First, verify that all students in the course are have a StudentGrade table entry for this assignment
	$query = "SELECT `StudentID` 
				FROM `CourseEnrollment` 
				WHERE `CourseEnrollment`.`CourseInstanceID`='" . $_POST['CourseInstance'] . "' 
				AND `CourseEnrollment`.`StudentID` 
				NOT IN (SELECT `StudentGrade`.`StudentID` 
					FROM `StudentGrade` 
					WHERE `StudentGrade`.`CourseInstanceID`='" . $_POST['CourseInstance'] . "' 
					AND `StudentGrade`.`ItemID`='" . $_POST['ItemID'] . "')";
	$newStudents = mysql_query($query, $link);
	if(!$newStudents) {
		echo "Oops...something went wrong. Please contact support.";
		exit();
	}
	
	while($tblrow = mysql_fetch_array($newStudents, MYSQL_BOTH)) {
		$zeroPoints = 0;
		$noComment = "";
		$query = "INSERT INTO `StudentGrade` (StudentID, CourseInstanceID, ItemID, Points, Comment) 
				VALUES ('$tblrow[StudentID]', '$_POST[CourseInstance]', '$_POST[ItemID]', '$zeroPoints', '$noComment')";
		$result = mysql_query($query, $link);
	}
	
	
	// Second, get the list of students, and their grades for the assignment
	$query = "SELECT `StudentID`, `CourseInstanceID`, `ItemID`, `Points`, `Comment`, `FirstName`, `MiddleName`, `LastName` FROM `StudentGrade` INNER JOIN `User` ON `User`.`UserId`=`StudentGrade`.`StudentID` WHERE `CourseInstanceID`='" . $_POST['CourseInstance'] . "' AND `ItemID`='" . $_POST['ItemID'] . "'";
	$grades = mysql_query($query, $link);
	if(!$grades) {
		echo "Oops...something went wrong. Please contact support.";
		exit();
	}
	
	echo '<form action="manage-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '" />';
	echo '<input type="hidden" name="UpdateGrades" value="UpdateGrades" />';
	echo '<input type="hidden" name="ItemID" value="' . $_POST['ItemID'] . '" />';
	echo '<table class="DataList" width="90%">';
	echo '<thead><tr><th class="header">Name</th><th class="header">Points</th><th class="header">Comments</th><th class="header"></th></tr></thead>';
	echo '<tbody>';
	$i = 0;
	while($tblrow = mysql_fetch_array($grades, MYSQL_BOTH)) {
		
		echo '<tr>';
		
		
		$rowClass = ($i++ % 2 == 0 ? "rows" : "altrows");
		
		
		echo '<td class="' . $rowClass . '">' . $tblrow['LastName'] . ', ' . $tblrow['FirstName'] . ' ' . $tblrow['MiddleName'] . '</td>';
		
		
		if($_POST["UpdateGrades"]) {
			
			
			$points = $_POST[$tblrow['StudentID'] . "Points"];
			$comment = $_POST[$tblrow['StudentID'] . "Comment"];
			
			$query = "UPDATE `StudentGrade` SET `Points`='{$points}', `Comment`='{$comment}' 
					WHERE `StudentID`='{$tblrow['StudentID']}' AND `CourseInstanceID`='{$_POST['CourseInstance']}' AND `ItemID`='{$_POST['ItemID']}'";
			$result = mysql_query($query, $link);
			if($result) {
				// Grade updated
				
				echo '<td class="' . $rowClass . '"><textarea rows="1" cols="4" name="' . $tblrow['StudentID'] . 'Points">' . $points . '</textarea></td>';
				echo '<td class="' . $rowClass . '"><textarea rows="1" cols="64" name="' . $tblrow['StudentID'] . 'Comment">' . $comment . '</textarea></td>';
				echo '<td class="' . $rowClass . '" style="color:green;">&#x2713;</td>';
				
			} else {
				// Grade NOT updated
				
				echo '<td class="' . $rowClass . '"><textarea rows="1" cols="4" name="' . $tblrow['StudentID'] . 'Points">' . $tblrow['Points'] . '</textarea></td>';
				echo '<td class="' . $rowClass . '"><textarea rows="1" cols="64" name="' . $tblrow['StudentID'] . 'Comment">' . $tblrow['Comment'] . '</textarea></td>';
				echo '<td class="' . $rowClass . '" style="color:red;>&#x2717;</td>';
				
			}
			
			
			
		} else {
			
			echo '<td class="' . $rowClass . '"><textarea rows="1" cols="4" name="' . $tblrow['StudentID'] . 'Points">' . $tblrow['Points'] . '</textarea></td>';
			echo '<td class="' . $rowClass . '"><textarea rows="1" cols="64" name="' . $tblrow['StudentID'] . 'Comment">' . $tblrow['Comment'] . '</textarea></td>';
			echo '<td class="' . $rowClass . '"></td>';
			
		}
		
		
		echo '</tr>';
		
	}
	echo '</tbody>';
	echo '</table>';
	echo '<input type="submit" value="Save" />';
	echo '</form>';
	

    endmasterpage();
?>
